[anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)

Hi,

Answering directly:

No, it is not the goal.

See 5.0, if the proposal gets to be approved, that date will be the 
initial date where any evidence will be admissible to be considered 
regarding any reported case.

So, thanks for the opportunity to clarify this.

Today, an intentional hijack is NOT a RIPE policy violation, so anyone 
doing it _today_, under the current set of policies, is not doing 
(formally) anything wrong. And that's exactly what 2019-03 pretends to 
correct -- only and exclusively for the future.

Regards,
Carlos


On Thu, 21 Mar 2019, Sascha Luck [ml] wrote:

> On Thu, Mar 21, 2019 at 01:56:11PM +0100, JORDI PALET MARTINEZ via 
> anti-abuse-wg wrote:
>
>> I'm not ever sure if this is related to Retroactivity, so will need to look 
>> if it fits better in the previous section.
>> 
>> "A hijacking event will be only considered as a case for the experts while 
>> persisting or within a maximum period of 6 months since ceased."
>
> I'd actually like a straight answer to the following question (so
> far what I've read is contradictory and somewhat evasive):
>
> Is it, or is it not, the goal of this proposal to change the
> RIPE NCC's processes for dealing with policy violations to enable
> the RIPE NCC to punish historical policy violations as opposed to
> repairing ongoing policy violations?
>
> rgds,
> SL
>
>
>> Regards,
>> Jordi
>> 
>> 
>> 
>> ???El 21/3/19 11:38, "anti-abuse-wg en nombre de Carlos Fria??as via 
>> anti-abuse-wg" <anti-abuse-wg-bounces at ripe.net en nombre de 
>> anti-abuse-wg at ripe.net> escribi??:
>> 
>>
>>    Thanks for the input!
>>
>>    Trying to "retouch" 5.0:
>>    ========
>>    5.0 Retroactivity
>>
>>    Only hijacking events that occur after this policy has been implemented
>>    are eligible to be considered.
>>
>>    Evidence older than 18 months (counted from the date where a report is
>>    filed) should be disregarded by experts.
>>    ========
>>
>>    Best Regards,
>>    Carlos
>> 
>>
>>    On Thu, 21 Mar 2019, Piotr Strzyzewski wrote:
>>
>>    > On Thu, Mar 21, 2019 at 09:18:02AM +0000, Carlos Fria??as wrote:
>>    >
>>    > Dear Carlos,
>>    >
>>    >> What would be reasonable for you?
>>    >>
>>    >> 2 or 3 years before the date when the report is filed?
>>    >
>>    > I was thinking more about weeks not years. Mostly due to the nature of
>>    > the incident(s) itself. However, I'm not strongly opposed to 2y term.
>>    >
>>    > Piotr
>>    >
>>    > --
>>    > Piotr Strzy?ewski
>>    > Silesian University of Technology, Computer Centre
>>    > Gliwice, Poland
>>    >
>> 
>> 
>> 
>> **********************************************
>> IPv4 is over
>> Are you ready for the new Internet ?
>> http://www.theipv6company.com
>> The IPv6 Company
>> 
>> This electronic message contains information which may be privileged or 
>> confidential. The information is intended to be for the exclusive use of 
>> the individual(s) named above and further non-explicilty authorized 
>> disclosure, copying, distribution or use of the contents of this 
>> information, even if partially, including attached files, is strictly 
>> prohibited and will be considered a criminal offense. If you are not the 
>> intended recipient be aware that any disclosure, copying, distribution or 
>> use of the contents of this information, even if partially, including 
>> attached files, is strictly prohibited, will be considered a criminal 
>> offense, so you must reply to the original sender to inform about this 
>> communication and delete it.
>> 
>> 
>> 
>> 
>> 
>